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AMENDMENT TO THE CLAIMS 

1. (Currently Amended) A remote access system for a secure 
computer network, comprising: 

an agent operative in conjunction with said secure computer 
network; 

an intermediary operative in conjunction with a network 
entity distinct from said secure computer network; and 

a manager for defining a directive to be executed by said 
agent, wherein 

said manager and said intermediary are capable of 
establishing secure communications therebetween, 

said intermediary and said agent are capable of establishing 
secure communications therebetween, 

said agent is operative to provide and said intermediary is 
operative to receive agent— specif ic authenticating data, 

said intermediary is operative to receive agent-specific 
authenticating data from said manager and to compare said agent- 
specific authenticating data from said manager with said agent- 
specific authenticating data from said .agent, and 

said manager is operative to convey said directive to be 
executed to said intermediary and said agent is operative to 
receive said directive to be executed from said intermediar y prior 

executing said directive if said comparison by said 

intermediary of said agent-specific authenticating data provided 
by said agent and said agent-authenticating data provided by said 
manager yields a predetermined result . 
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2. (Original) The system of claim 1, wherein said agent is 
operative to execute said directive and to return results of said 
executed directive to said intermediary. 

3. (Original) jThe system of claim 2, wherein said intermediary 
is operative to forward said results of said executed directive to 
said manager subsequent to said return of said results to said 
intermediary by said agent. 



4. (Original) 
operative to b. 
executed from 



The system of claim 1, wherein said agent is 
.ock pending receipt of said directive to be 
via said intermediary. 



manager 



5. (Original) The system of claim 1, wherein said agent and said 
intermediary are capable of authenticating each other prior to 
establishing said secure communications therebetween* 

6. (Original) The system of claim 1, wherein said manager and 
said intermediary are capable of authenticating each other prior 
to establishing said secure communications therebetween. 



(Canceled) 



8 . (Canceled) 

9. (Original) 
web browser and 
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The system of claim 1, wherein said manager is a 
aid intermediary is a web server* 
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10. (Currently Amended) The system of claim 1, further comprising 
a first — single data pathway between said agent and said 
intermediary eftd — a — second — for each data pathway between said 
manager and said intermediary and oaid agent, — wherein at loaot ono 
e£ — s-a-ird — ff irot — a**d — second — data — pathways — i-s — comprised — &€ — feke- 
Internet . 

11. (Currently Amended) A method of remotely servicing a secure 
computer system, comprising: 

establishing a first secure communications pathway between a 

manager and an intermediary distinct from the secure computer 
system; 

establishing a second secure communications pathway between 

the intermediary and the secure computer system; 

providing authentication reference data from the secure 

computer system to the intermediary; 

providing authentication data from the manager to the 

intermediary; 

comparing the authentication data to the authentication 

reference data for a predetermined result; and 

if the predetermined result is realized, conveying a 

directive to be executed from a rt he manager to the secure computer 
system via a &the intermediary distinct — from — said — secure — computer 
system over a —the first and second secure communications pathways-*- 
and 

receiving, — by— an — agent — e# — said secure — computer — system, — said 
directe - i r fr e — to be executed — from — said — intermediary — over — a — second 
seourc communications pathway; — and 

executing, by said agent, — oaid directive -to - executed. 
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12. (Canceled) 

13. (Original) The method of claim 11 , further comprising 
establishing said first secure communications pathway by said 
manager conveying manager-identifying data to said intermediary. 

14. (Original) The method of claim 11, further comprising 
establishing said second secure communications pathway by said 
agent conveying agent-identifying data to said intermediary. 

15. (Original) The method of claim 11, further comprising 
establishing said second secure communications pathway by said 
intermediary conveying intermediary-identifying data to said 
agent . 

16. (Original) The method of claim 11, wherein said establishment 
of said first secure communications pathway between said manager 
and said intermediary comprises using a web browser as said 
manager and accessing a web server as said intermediary - 

17. (Original) The method of claim ll r further comprising: 
returning, by said agent, results of an executed directive to 

said intermediary; and 

returning, by said intermediary, said executed directive 
results to said manager* 

18. (Currently Amended) A remote servicing system intermediary 
for a secure computer system, comprising: 
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a web server communicable,- over a first secure communications 
link, with a manager appl i ca t ion running on a management computer 
system and, over a second secure communications link, with an 
agent application running on said secure computer system s and 
a secure data storage facility accessible by said web server, 

said web server eapablc of spawning operative 

to receive manager-identifying data from said agent 
application over said second secure_ communications link and to 
store said manager-identifying data in said secure data storage 
f acility, 

to receive submitted manager-identifying data from said 
manager application over said first secure communications link, 

to compare said submitted manager-identifying data with 
said stored manager^identifying data, and, if said comparison 
yields a predetermined result, 

to spawn a first sub-process for receiving, over said 
first secure communications link, a directive to be executed by 
said secure computer system, and 

said wob server — capable — — ppawning to spawn a second sub- 
process for transmitting, over said second secure communications 
link, said directive to be executed by said secure computer 
system. 

19- (Canceled) 

20. (Canceled) 

21. (Currently Amended) The intermediary of claim 18, further 
comprising a digital certificate to be conveyed to said agent s?*d 
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4l-o- aald manager application by said web server over said second 
secure communications link for enabling authentication of 
authenticating said intermediary . 

22. (Currently Amended) The intermediary of claim 18, further 
comprising an access database in communication with said web 
server for defining which secure computer systems^ communicable 
with said intermediary^ said manager application may define 
directives for. 

23. {Currently Amended) The intermediary of claim 18, wherein 
said intermediary — web server is operative to receive results of 
aaid an executed directive from said secure computer system over 
said second secure communications link and is further operative to 
convey said results to said manager application over said first 
secure communications link. 

24. (Currently Amended) A method of operating an intermediary for 
the remote servicing of a securer computer system, comprising: 

providing a first digital certificate to an agent application 
running on said secure computer system in response to a request 
from said agent application for the purpose of authenticating said 
intermediary to said agent application ; 

storing reference identifying information received from said 
agent application in a secure storage facility accessible by said 
intermediary ; 

providing — a — occond — digital — cortif icatc — fee — a — manager — 

response — — a — request - — from — s-aid — manage* — — fe&e — purpose — &€■ 
authenticating said intermediary to said manager; 
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receiving said — first identifying information from said 
manager^ 

selectively approving the accessibility of said intermediary 
to said manager by analysis of said first identifying information 
by said intermediary — — fehe — purpose — e# — au-t5 - foont - i<sa4r j= ng — • said 
manager to said intcrmodi - a - r - y ; 

receiving second identifying data from said manager; 

comparing, by said intermediary/ said second identifying 
information with said reference identifying data; and 

if a predetermined result is achieved by said comparison, 
receiving, from said manager, a directive to be executed by said 
agent application- ^ and 

forwarding said directive to said agent application for 
execution . 

25. (Currently Amended) The method of claim 24, further 
comprising: 

receiving results of said executed directive from said agent 
application at said intermediary ; and 

forwarding said results to said manager by said intermediary . 

26. (Currently Amended) The method of claim 24, further 
comprising: 

storing a list of secure computer systems^ communicable with 
said intermediary^ and for which said manager , identified by said 
step of selectively approving, may define directives to be 
executed. 
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27. (Currently Amended) The method of claim 24, further 
comprising r 

establishing a first secure communications pathway between 
said intermediary and said agent application in response to said 
agent application authenticating said intermediary based upon said 
provision of said first digital certificate from said intermediary 
to said agent application , 

28. (Currently Amended) The method of claim 24, further 
comprising: 

establishing a second secure communications pathway between 
said intermediary and said manager in response to said managog 
intermediary authenticating said intermediary m anager b ased upon 

said provision of said second — - digital certificate first 

identifying- data from said intermediary — manager to said manager 
intermediary aftd — ±fi — response — said — receipt — ef — said — identifying 
information from gaid manager by oaid intermediary . 
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